~/cve/CVE-2017-18893

pipeline liveDigest Docs

CVE-2017-18893

published 2020-06-19

CVE-2017-18893: An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. Display names allow XSS.

medium6.1CVSS 3.1

AVNACLPRNUIRSCCLILAN

An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. Display names allow XSS.

Affected

9 ranges

Vendor	Product	Version range	Fixed in
github.com	mattermost_mattermost-server	>= 0 < 4.0.5+incompatible	4.0.5+incompatible
github.com	mattermost_mattermost-server	>= 0 < 4.0.5	4.0.5
github.com	mattermost_mattermost-server	>= 4.1.0 < 4.1.1	4.1.1
github.com	mattermost_mattermost-server	>= 4.1.0+incompatible < 4.1.1+incompatible	4.1.1+incompatible
github.com	mattermost_mattermost-server	>= 4.2.0-rc1 < 4.2.0	4.2.0
github.com	mattermost_mattermost-server	>= 4.2.0-rc1+incompatible < 4.2.0+incompatible	4.2.0+incompatible
mattermost	mattermost_server	< 4.0.5	4.0.5
mattermost	mattermost_server	—	—
mattermost	mattermost_server	>= 4.1.0 < 4.1.1	4.1.1